perf_event_open is not restricted to admin by default
Bug #1905786 reported by
Thadeu Lima de Souza Cascardo
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Bionic |
Invalid
|
Undecided
|
Unassigned | ||
linux-raspi2 (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Medium
|
Thadeu Lima de Souza Cascardo |
Bug Description
[Impact]
perf_event_open is not restricted by default, which means unprivileged users may have access to information they should not have.
[Test case]
Run as an unprivileged user:
perf stat true
and check that it fails.
[Potential regression]
Users who expect to be able to use perf will not be able to do it. The fix might also cause the build to fail, in case it doesn't match enforced config options.
CVE References
Changed in linux (Ubuntu): | |
status: | New → Invalid |
Changed in linux (Ubuntu Bionic): | |
status: | New → Invalid |
Changed in linux-raspi2 (Ubuntu): | |
status: | New → Invalid |
Changed in linux-raspi2 (Ubuntu Bionic): | |
status: | New → In Progress |
assignee: | nobody → Thadeu Lima de Souza Cascardo (cascardo) |
importance: | Undecided → Medium |
Changed in linux-raspi2 (Ubuntu Bionic): | |
status: | In Progress → Fix Committed |
To post a comment you must log in.
This bug was fixed in the package linux-raspi2 - 4.15.0-1078.83
---------------
linux-raspi2 (4.15.0-1078.83) bionic; urgency=medium
* bionic/ linux-raspi2: 4.15.0-1078.83 -proposed tracker (LP: #1911270)
* perf_event_open is not restricted to admin by default (LP: #1905786) SECURITY_ PERF_EVENTS_ RESTRICT
- [Config]: set CONFIG_
[ Ubuntu: 4.15.0-133.137 ]
* bionic/linux: 4.15.0-133.137 -proposed tracker (LP: #1911295) monitors_ config( ) kvm_unit_ tests interrupted on X-oracle-4.15 / PPC_RTAS_ FILTER HIERARCHY ext_bus_ get_link( ) echo_skb( ): fix real payload length return value for RTR echo_skb( ): fix echo skb generation: always use skb_clone() get_ts_ time(): fix timestamp wrapping can_rx( ): fix echo management when loopback is inode_pages_ final for sd_aspace
* [drm:qxl_enc_commit [qxl]] *ERROR* head number too large or missing monitors
config: (LP: #1908219)
- qxl: remove qxl_io_log()
- qxl: move qxl_send_
- qxl: hook monitors_config updates into crtc, not encoder.
* Touchpad not detected on ByteSpeed C15B laptop (LP: #1906128)
- Input: i8042 - add ByteSpeed touchpad to noloop table
* vmx_nm_test in ubuntu_
B-oracle-4.15 / X-KVM / B-KVM (LP: #1872401)
- KVM: nVMX: Always reflect #NM VM-exits to L1
* stack trace in kernel (LP: #1903596)
- net: napi: remove useless stack trace
* CVE-2020-27777
- [Config]: Set CONFIG_
* Bionic update: upstream stable patchset 2020-12-04 (LP: #1906875)
- regulator: defer probe when trying to get voltage from unresolved supply
- ring-buffer: Fix recursion protection transitions between interrupt context
- time: Prevent undefined behaviour in timespec64_to_ns()
- nbd: don't update block size after device is started
- btrfs: sysfs: init devices outside of the chunk_mutex
- btrfs: reschedule when cloning lots of extents
- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_
- hv_balloon: disable warning when floor reached
- net: xfrm: fix a race condition during allocing spi
- perf tools: Add missing swap for ino_generation
- ALSA: hda: prevent undefined shift in snd_hdac_
- can: rx-offload: don't call kfree_skb() from IRQ context
- can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ
context
- can: dev: __can_get_
frames
- can: can_create_
- can: peak_usb: add range checking in decode operations
- can: peak_usb: peak_usb_
- can: peak_canfd: pucan_handle_
on
- xfs: flush new eof page on truncate to avoid post-eof corruption
- Btrfs: fix missing error return if writeback for extent buffer never started
- ath9k_htc: Use appropriate rs_datalen type
- usb: gadget: goku_udc: fix potential crashes in probe
- gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free
- gfs2: Add missing truncate_
- gfs2: check for live vs. read-only file system in gfs2_fitrim
- scsi: hpsa: Fix memory leak in hpsa_init_one()
- drm/amdgpu: perform srbm soft reset always on SDMA resume
- mac80211: fix use of skb payload instead of header
- cfg80211: regulatory: Fix inconsistent format argument
- scsi: scsi_dh_alua: Avoid crash during alua_bus...